Failover to backup SRX in cluster. Reth interfaces in zones and Natting
Hello, I have 2 SRX5800 chassis in a HA cluster, active/passive. I am new to juniper equipment (NEVER WORKED WITH ANY TYPE OF FIREWALL) and I have to get solution together within a week. I have...
View Articleclient/dynamic vpn license for chassis cluster
Hi, we have a SRX240 chassis cluster firewall and we want to install license for client/dynamic vpn. if we install 5 client vpn license for both firewall, are we going to have 5 or 10 client vpn...
View ArticleSRX 650 - SSH issue
Hi all, We have a 2 Juniper SRX 650 HA Cluster mode with following details;roups { node0 { system { host-name SRX1; } interfaces { fxp0 { unit 0 { family inet { address 192.168.70.250/32; } } node1 {...
View ArticleClik here to view.
SRX240 cluster at 2 sites
Hi, I hope somebody can help me with this setup. We are trying to make a SRX240 cluster at two sites connected to each other with a fiber trunk (with all Vlan's at both sites). Site A and Site B are...
View ArticleDHCP OPTION setting in SRX100
Right now, I have only one option for this device, but there is a primary and a secondary (active & Standby) option 43 10.10.9.98option 43 10.10.9.99 is it possible to do the above setting.?
View ArticlePort Overloading factor with overflow
Hi Team, I have this specific requirement where I did configure 1 ip address in my source pool to PAT-NAT.I did configure port-overloading-factor = 4 configuration to have bigger port space for my...
View ArticleFilter Based Forwarding to Specific Outgoing Interface on SRX
Hi, On MX series we can achieve filter based forwarding by just defining the next-interface in the then stanza according to this link...
View ArticleClik here to view.
IPsec VPN traffic from outside subnets
Hello everyone, I would like to know if it's possible to connect local networks which aren't connected directly to the firewall. E.g.: We have one Juniper at our office and on other end, another...
View ArticleSRX-100 and USB Cellular modem, not working
We have a Sierra Wireless 319U that works fine on my laptop.I am trying to make it work on the SRX. We are using profile 4. The power is on the USB 319U, but the data never goes solid, it just blinks,...
View ArticleVDSL G.993.5 (G.vector) and G.INP support on SRX 110VA and VDLS PIM
Does any SRX support VDSL G.993.5 (G.vector) and G.INP ? These two protocols are mandatory for any equipmet connected FTTN links in Australia.
View ArticleFQDN Security Policy Problem (A-Records missing from lookup)
So, i tried to make a FQDN security policy to allow one of our servers to fetch owncloud updates. The policy looks like this xxx@yyy> show configuration security policies from-zone perimeter1...
View ArticleClik here to view.
SRX210 Booting from backup image 10.0R3.10
Rank amateur alert! I have a spare SRX210 which is booting from the backup image. It had previously been ok but i think a sudden power outage killed it. I want to be able to put the latest software on...
View ArticleSimple migraiton SRX240 to SRX240H2
Can anyone shed some light on how to do this? is it just a simple config backup and restore? They kink here are the nailed up site-to-site tunnels that I need to be sure I capture the pre-share keys...
View ArticleDHCP issue with SRX
Folks, I am using PPPOE on SRX-100 port FE7 and connecting Port 6 to an AP that I have two SSID defined on VLAN 8 and VLAN 9. Somehow my laptop cannot get an IP on when I am trying to connect to either...
View ArticleCant commit in SRX 240 cluster
Hello all,i have a problem, that i cant commit in srx240 cluster. Then i commit on node0 it stuck and after some time write to me:error: timeout waiting for response from node1. commit details...
View ArticleApple iPhone/iPad VPN to Juniper SRX - now possible!
Hi,For a long time, I was trying to find solution to establish VPN connection between Apple iPhone/iPad devices and Juniper SRX devices, but without success. Now, with latest Apple iOS improvements,...
View ArticleCreate Geo location based policy to block access from specific countries
We have two offices and secured one with Juniper SRX 220 H& other with SRX240 H2 Both office have FTP, WEB & DB servers & everyday lot of hits from some countries(China, Korea...etc) and...
View ArticleBandwidth Usage Monitoring
I would like to know if there's a way to monitor bandwith usage on a SRX. For example, I want to check how much bandwidth has moved through the srx for like this month. Is there way to accomplish...
View ArticleMultiple logical interfaces per one physical
Hello, SRX 220 here. I'd like to define 2 logical interfaces (each with dedicated IP) at one reth interface. The reason isn't functionality, but monitoring related. I use SNMP to obtain the traffic...
View ArticlePrevent web-management to be accessible from outside
Hi All, I faced a bit confusing situation and could not find answer in Internet. I'd like to disable web-management on External interface reth0.1 so I have got the following config: set system...
View Article